General
-
Target
7c33b5e7ed9500eec23c7eb3d499444e_JaffaCakes118
-
Size
136KB
-
Sample
240528-jf54ksbb9x
-
MD5
7c33b5e7ed9500eec23c7eb3d499444e
-
SHA1
88c5d65376de3fc2718052b7e2fd9de48230cb2e
-
SHA256
1c5a8bb042f680abefa2f04bdd7285eb0f50a84ea43bad16999f885711ab7d57
-
SHA512
b29715c4bf932367523044d7b879032ed91233bcb7fd74005e9f5dd3d444b9c0d76a537faa6928c161102a40fec6f0f7fb2091e60f7d3dd1cecf4d5826f2920f
-
SSDEEP
1536:d6A6j81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadf+a98B2QwsiYTu:Y8GhDS0o9zTGOZD6EbzCduUQw
Behavioral task
behavioral1
Sample
7c33b5e7ed9500eec23c7eb3d499444e_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7c33b5e7ed9500eec23c7eb3d499444e_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
Target
7c33b5e7ed9500eec23c7eb3d499444e_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-